Modern identity and trust systems collapse in the environments where they are needed most: disaster zones, disconnected or damaged networks, and adversarial conditions such as censorship or infrastructure interference. These systems depend on functioning networks to reach online authorities, resolvers, directories, and revocation services, leaving trust unverifiable whenever communication is unavailable or untrusted. This work demonstrates that secure identity and trust are possible without such infrastructure. We introduce the Zero-Infrastructure Capability Graph (ZI-CG), a model showing that identity, delegation, and revocation can be represented as self-contained, signed statements whose validity is determined entirely by local, deterministic evaluation. We further present Vouchsafe, a complete working instantiation of this model built using widely deployed primitives including Ed25519, SHA-256, and structured JSON Web Tokens, requiring no new cryptography or online services. The results show that a practical, offline-verifiable trust substrate can be constructed today using only the cryptographic data presented at evaluation time.
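The local, deterministic evaluation described above can be sketched as follows. This is an added illustration, not Vouchsafe code and not its token format: the `Stmt` layout, the `vouch`/`revoke` kinds, the helper names and the demo keys are assumptions, and plain structs stand in for JSON Web Tokens.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Stmt is a hypothetical signed statement, not the Vouchsafe token format.
type Stmt struct {
	Kind, Subject, Target string            // "vouch" names a Subject ID; "revoke" names a Target hash
	Pub                   ed25519.PublicKey // the issuer's key travels with the statement
	Sig                   []byte
}

// Key derives a constructed demo key from a label; an ID is the SHA-256 of a public key.
func Key(label string) ed25519.PrivateKey { h := sha256.Sum256([]byte(label)); return ed25519.NewKeyFromSeed(h[:]) }
func ID(k ed25519.PrivateKey) string      { return sum(k.Public().(ed25519.PublicKey)) }
func sum(b []byte) string                 { return fmt.Sprintf("%x", sha256.Sum256(b)) }
func (s Stmt) body() []byte               { return []byte(fmt.Sprintf("%q %q %q %q", sum(s.Pub), s.Kind, s.Subject, s.Target)) }
func (s Stmt) Hash() string               { return sum(append(s.body(), s.Sig...)) }
func (s Stmt) ok() bool                   { return len(s.Pub) == ed25519.PublicKeySize && ed25519.Verify(s.Pub, s.body(), s.Sig) }

func Sign(k ed25519.PrivateKey, kind, subject, target string) Stmt {
	s := Stmt{Kind: kind, Subject: subject, Target: target, Pub: k.Public().(ed25519.PublicKey)}
	s.Sig = ed25519.Sign(k, s.body())
	return s
}

// Trusted: do validly signed, unrevoked vouches link root to subject? Input order is irrelevant.
func Trusted(root, subject string, set []Stmt) bool {
	dead, reach := map[string]bool{}, map[string]bool{root: true}
	for _, s := range set {
		if s.Kind == "revoke" && s.ok() { // keyed by revoker: only its own vouches are affected
			dead[sum(s.Pub)+s.Target] = true
		}
	}
	for range set { // len(set) passes are enough to reach the fixed point
		for _, s := range set {
			if iss := sum(s.Pub); s.Kind == "vouch" && reach[iss] && !reach[s.Subject] && !dead[iss+s.Hash()] && s.ok() {
				reach[s.Subject] = true
			}
		}
	}
	return reach[subject]
}

func main() {
	fmt.Println(Trusted(ID(Key("root")), ID(Key("aid")), []Stmt{Sign(Key("root"), "vouch", ID(Key("aid")), "")}))
}
```

The evaluator reads only the statements handed to it and a locally configured root identifier; it makes no network call and consults no clock or external state.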